11/10/21

Critical Infrastructure Daily Brief

Statewide Terrorism & Intelligence Center

Critical Infrastructure Daily Brief

**UNCLASSIFIED **

(U) STIC is providing this information to our partner agencies for situational awareness. This document contains information obtained from open source information. While STIC has gone to great lengths to verify the information found in open source documents on the internet, this information may not be accurate.

Situational Awareness

• President Biden Visits Elk Grove Village to Promote COVID Vaccine Mandates

President Joe Biden visited the Chicago area Thursday, landing at O'Hare in the early afternoon, visiting Elk Grove Village to talk about COVID vaccines and economic recovery, and then heading back to Washington D.C., to help shepherd his legislative agenda through congress. The president visited a Clayco Construction site in Elk Grove Village that has imposed a vaccination requirement of its own. Introduced by Governor JB Pritzker, Chicago Mayor Lori Lightfoot, and Rep. Raja Krishnamoorthi, Biden asked businesses to proactively mandate vaccinations before the federal requirement takes effect. Last month, Biden said he would use his presidential powers to require two-thirds of American workers to be vaccinated against the coronavirus or test all employees weekly. That would impact 100 million workers. Companies with 100 employees or more are affected by the mandate. The details are still being worked out by OSHA. "Today I'm calling on more employers to act," Biden said. "My message is: require your employees to get vaccinated, vaccinations are the way we're going to beat this pandemic finally." President Biden praised Rush University Medical Center for requiring its employees get the shot, saying it raised the vaccination rate there from 72% to more than 95%. The president argued the push for vaccine mandates is already making a difference, with nearly 30 million more people getting their shots after his first vaccine mandate for federal workers over the summer. The White House said vaccination requirements have increased vaccination rates by 20 percentage points to over 90% in many organizations. A White House report found that 185 million Americans are now vaccinated, up from 2 million when Biden took office at the end of January. The report said the vaccination campaign has saved more than 100,000 lives.

• President Biden Visits Chicago Area

• Afghanistan: Deadly Blast Hits Kunduz Mosque During Prayers

A blast has tore through a mosque in Afghanistan’s northeastern city of Kunduz during Friday prayers, causing multiple deaths, according to the Taliban. “This afternoon, an explosion took place in a mosque of our Shia compatriots … as a result of which a number of our compatriots were martyred and wounded,” Taliban spokesman Zabihullah Mujahid said on Twitter, adding that a special unit was arriving at the scene to investigate. Local media reported dozens of casualties. Residents in Kunduz, the capital of a province of the same name, told AFP news agency the blast hit the mosque during Friday prayers.

• At Least 100 Dead, Wounded in Afghan Blast

Cybersecurity

• Google Blames Suspected Russian Hacking Group for Targeting 14,000 Gmail Users

Russian hackers targeted approximately 14,000 Gmail users last month, according to the company’s Threat Analysis Group. While 100% of the emails were blocked by spam, Google TAG director Shane Huntley characterized the batch as “above average” on Twitter. The campaign from the group known at APT28 made up 86% of Google’s recent alerts to users about government-backed attackers, Huntley said in an email. Google batches these kinds of alerts to users rather than during the moment of detection to help keep attackers from figuring out their defense strategies, he explained. Several Gmail users reported on Twitter receiving the alert, including several researchers and journalists. Huntley said the campaign was targeted “across a wide variety of industries.”

• New U.S. Government Initiative Holds Contractors Accountable for Cybersecurity

The U.S. government on Wednesday announced the formation of a new Civil Cyber-Fraud Initiative that aims to hold contractors accountable for failing to meet required cybersecurity requirements in order to safeguard public sector information and infrastructure. "For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it," said Deputy Attorney General Monaco in a press statement. "Well that changes today, [and] we will use our civil enforcement tools to pursue companies, those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards — because we know that puts all of us at risk." The Civil Cyber-Fraud Initiative is part of the U.S. Justice Department's (DoJ) efforts to build resilience against cybersecurity intrusions and holding companies to task for deliberately providing deficient cybersecurity products or services, misrepresenting their cybersecurity practices or protocols, or violating their obligations to monitor and report cybersecurity incidents and breaches.

• Russian State Hackers Behind 53% of Attacks on US Govt Agencies

Microsoft says that Russian-sponsored hacking groups are increasingly targeting US government agencies, with roughly 58% of all nation-state attacks observed by Microsoft between July 2020 and June 2021 coming from Russia. "Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% – largely agencies involved in foreign policy, national security or defense," said Tom Burt, Microsoft's Corporate Vice President for Customer Security & Trust. "And attacks from Russian nation-state actors are increasingly effective, jumping from a 21% successful compromise rate last year to a 32% rate this year."

• Additional Fixes Released Addressing Apache HTTP Server Issue

Apache released additional fixes for CVE-2021-41773 on Thursday as government agencies like CISA warned that one vulnerability related to the Apache HTTP Server issue had been exploited in the wild. As ZDNet reported on Wednesday, developers behind the Apache HTTP Server Project urged users to apply a fix immediately to resolve a zero-day vulnerability. The Apache Software Foundation released Apache HTTP Server version 2.4.50 to address two vulnerabilities that would allow an attacker to take control of an affected system. In a notice on Wednesday, CISA said one of the vulnerabilities, CVE-2021-41773, has already been exploited in the wild. "It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution," Apache said in a notice. "This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions."

Energy

• Ameren Illinois Introduces ‘Gas Sniffing’ Car

Ameren Illinois introduces a new “gas sniffing” car that can quickly identify the presence of methane emissions, pinpoint the source of potential leaks, and speed the response time to repair pipelines. “Ameren Illinois inspects thousands of miles of underground pipeline in neighborhoods every year, and we have reduced methane emissions to industry-low levels,” said the vice president of Natural Gas Operations for Ameren Illinois Eric Kozak. “This new mobile technology we’re introducing will supplement our existing leak-detection practices and provide up to 1,000 times the sensitivity to help detect methane in the atmosphere. We believe this technology will enable us to significantly reduce methane emissions and strengthen the safety and reliability of our natural gas distribution system.” Officials said the “gas sniffer” works by deploying a high-tech analyzer on the rear of a hybrid electric car. As the car drives through city streets, it detects the presence of methane and ethane and passes air samples to a device that records wind speed and directional readings. Ameren Illinois crews use GPS coordinates to pinpoint the location and mobilize response units. The technology is powered by ABB MobileGuard™ and is capable of detecting methane gas presence hundreds of feet away.

• Energy Transfer Says Penn. Access Refined Products Pipe is Complete

U.S. energy company Energy Transfer LP (ET.N) said this week that its Pennsylvania Access refined products project in Pennsylvania was complete and ready for service. Pennsylvania Access will allow refined products to flow from refineries in the U.S. Midwest into Pennsylvania, New York and other U.S. Northeast markets. The refined products will move through Energy Transfer's Allegheny Access pipeline system in the Midwest into Pennsylvania where the company used part of the existing 8-inch (20-centimeter) Mariner East 1 line to distribute the products in Pennsylvania and the U.S. Northeast markets. Mariner East 1 started service in the 1930s transporting refined products from the Philadelphia area to western Pennsylvania. It was repurposed and expanded to transport propane in 2014 and ethane in 2016. Energy Transfer said the parts of Mariner East not being used by Pennsylvania Access were currently moving ethane. Mariner East 2 and 2X, which entered service in the past few years, can handle multiple natural gas liquids including ethane, propane, butane and natural gasoline. Energy Transfer said it expects the full Mariner East system to be online by the end of the year.

Related Links